Date: Tue, 26 Mar 2019 11:27:36 -0700
Subject: [PATCH V31 20/25] Lock down /proc/kcore
From: Matthew Garrett
To: jmorris@namei.org
Cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, dhowells@redhat.com, linux-api@vger.kernel.org, luto@kernel.org, Matthew Garrett
Message-Id: <20190326182742.16950-21-matthewgarrett@google.com>
In-Reply-To: <20190326182742.16950-1-matthewgarrett@google.com>
References: <20190326182742.16950-1-matthewgarrett@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org

From: David Howells

Disallow access to /proc/kcore when the kernel is locked down to prevent
access to cryptographic data. This is limited to lockdown confidentiality
mode and is still permitted in integrity mode.

Signed-off-by: David Howells
Signed-off-by: Matthew Garrett
---
 fs/proc/kcore.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/fs/proc/kcore.c b/fs/proc/kcore.c
index bbcc185062bb..1c556a453569 100644
--- a/fs/proc/kcore.c
+++ b/fs/proc/kcore.c
@@ -518,6 +518,8 @@ read_kcore(struct file *file, char __user *buffer, size_t buflen, loff_t *fpos) static int open_kcore(struct inode *inode, struct file *filp) { + if (kernel_is_locked_down("/proc/kcore", LOCKDOWN_CONFIDENTIALITY)) + return -EPERM; if (!capable(CAP_SYS_RAWIO)) return -EPERM; -- 2.21.0.392.gf8f6787159e-goog
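Review bot: the new check gates open_kcore() only, so a descriptor that was already open when lockdown is raised (if confidentiality mode can be engaged after boot on this kernel) keeps working through read_kcore(); if that window matters, consider also testing kernel_is_locked_down() in read_kcore(), or note in the commit message that the open-time check is intentional. Placing the lockdown test ahead of the capable(CAP_SYS_RAWIO) test is the right order, since it refuses even fully privileged callers, which is what the stated rationale (protecting cryptographic data) requires; a one-line comment saying so would help the next reader, because the two adjacent -EPERM returns are otherwise indistinguishable.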